Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

GitGuardian Senior Cybersecurity Researcher Gaetan Ferry’s latest research shows that AI-generated passwords are leaving fingerprints in the wild. In this interview, he explains how he used Markov chains, a century-old statistical model, to detect patterns in passwords generated by modern LLMs, attribute them to model families, and identify 28,000 likely LLM-generated passwords across public GitHub. The findings are a warning for teams adopting AI coding agents.

This video walks you though some major highlights.

In this video, Romain Jouhannet, Product Manager at GitGuardian, talks with Dwayne McDaniel, Developer Advocate at GitGuardian about the platform's new native support for Gerrit as a VCS source. Gerrit is widely used for enterprise code review workflows, often hosting sensitive internal repositories. You can now connect your Gerrit instance to GitGuardian to detect secrets exposed across your repositories and commit histories, with the same experience as our other VCS integrations.

GitGuardian NHI Governance will now automatically flag machine identities that carry admin access and have more privileges than they actually use. GitGuardian NHI Governance has been able to surface policy breaches for long-lived secrets, Duplicated Secrets, and, of course, if the secrets have been leaked publicly or internally.

In this quick introductory video, Mathieu Bellon, Senior Product Manager at GitGuardian, sits down with Dwayne McDaniel, Developer Advocate, to cover some of the advancements GitGuardian has made by integrating machine learning directly into the secrets security platform. Mathieu describes how engineers and responders can save serious time as by automating contextual analysis, geving the humans in the loop with the best information to be able to take an informed action when it comes to secrets leaks. They also discuss the security implications and where teams can look if they want to opt out or bring their own agents.

Watch the teams of GitGuardian and CyberArk for a demo-first session on how MCP (Model Context Protocol) servers can help you tame secrets sprawl and vault sprawl by letting developers use AI to trigger the right actions, with far less cognitive load! What you’ll learn.

GitGuardian’s 2026 State of Secrets Sprawl Report reveals a 34% increase of new hardcoded secrets were exposed on public GitHub in 2025. Join us to discuss the number and types of secrets we discovered, and other key findings, with our expert panel!

Introducing ggshield AI hooks from GitGuardian to help stop AI coding assistants from leaking secrets. See how ggshield can scan prompts, tool calls, file reads, MCP calls, and tool output inside AI coding tools like Cursor, Claude Code, and VS Code with GitHub Copilot. When a secret is detected, ggshield can block the action before sensitive data is sent or exposed. You will also see how simple the setup is, with flexible install options for local or global use. This adds practical guardrails to AI-assisted development and helps teams move fast without increasing secret sprawl.

In this 20-minute live demo with Eric Fourrier (CEO and Founder of GitGuardian), Guillaume Valadon (Staff Cybersecurity Researcher at GitGuardian), & Dwayne McDaniel (Principal Developer Advocate at GitGuardian), you'll see how to determine if your machines were compromised by the ongoing Trivy and LiteLLM supply chain attack (attributed to TeamPCP), then scan for exposed secrets and get moving on remediation - step by step.

With 100x more non-human identities than human identities expected in 2025, the way we manage machine credentials is fundamentally broken. 83% of attacks involve compromised secrets, yet many organizations still rely on hardcoded keys, sprawling secrets, and scattered vault deployments.